Commit Graph

3507 Commits

Author SHA1 Message Date
dependabot[bot]
f91cb09ce9 build(deps): Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.43.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.43.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

# Conflicts:
#	go.mod
#	go.sum
#	httphandler/go.mod
#	httphandler/go.sum
2026-04-14 13:42:42 +02:00
Matthias Bertschy
3588f2ce23 Merge pull request #1969 from kubescape/dependabot/go_modules/github.com/sigstore/timestamp-authority/v2-2.0.6
build(deps): Bump github.com/sigstore/timestamp-authority/v2 from 2.0.4 to 2.0.6
2026-04-14 13:24:32 +02:00
dependabot[bot]
c3c605b8e1 build(deps): Bump github.com/sigstore/timestamp-authority/v2
Bumps [github.com/sigstore/timestamp-authority/v2](https://github.com/sigstore/timestamp-authority) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/sigstore/timestamp-authority/releases)
- [Changelog](https://github.com/sigstore/timestamp-authority/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/timestamp-authority/compare/v2.0.4...v2.0.6)

---
updated-dependencies:
- dependency-name: github.com/sigstore/timestamp-authority/v2
  dependency-version: 2.0.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

# Conflicts:
#	go.mod
#	go.sum
#	httphandler/go.mod
#	httphandler/go.sum
2026-04-14 12:50:38 +02:00
Matthias Bertschy
b4f5151765 Merge pull request #1967 from kubescape/dependabot/go_modules/github.com/hashicorp/go-getter-1.8.6
build(deps): Bump github.com/hashicorp/go-getter from 1.7.9 to 1.8.6
2026-04-14 12:47:15 +02:00
dependabot[bot]
915876ee52 build(deps): Bump github.com/hashicorp/go-getter from 1.7.9 to 1.8.6
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.9 to 1.8.6.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.9...v1.8.6)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.8.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

# Conflicts:
#	go.sum
#	httphandler/go.mod
#	httphandler/go.sum
2026-04-14 11:03:33 +02:00
Matthias Bertschy
6994b945b8 Merge pull request #1968 from kubescape/dependabot/go_modules/helm.sh/helm/v3-3.20.2
build(deps): Bump helm.sh/helm/v3 from 3.18.5 to 3.20.2
2026-04-14 09:46:10 +02:00
Matthias Bertschy
1b2db6d54d Merge pull request #1966 from kubescape/dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4
build(deps): Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
2026-04-14 09:32:25 +02:00
dependabot[bot]
104f668af9 build(deps): Bump helm.sh/helm/v3 from 3.18.5 to 3.20.2
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.18.5 to 3.20.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.18.5...v3.20.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.20.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-04-14 09:22:34 +02:00
dependabot[bot]
3fa30cc0a1 build(deps): Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-version: 4.1.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-04-14 09:00:14 +02:00
Matthias Bertschy
fd3c1d07a1 Merge pull request #1965 from Mujib-Ahasan/error-handling
Fix: handle error from `NormalizeImageName` in patch command
2026-04-13 17:29:56 +02:00
Mujib Ahasan
5b3c2b91f1 error handling improved
Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>
2026-04-13 20:19:05 +05:30
Matthias Bertschy
cb08f4cc1c Merge pull request #1962 from Mujib-Ahasan/duplicate-flag-scan-image
fix: duplicate flags removed from image.go
2026-04-09 22:51:24 +02:00
Mujib Ahasan
71fdd36a76 fix: duplicate flags removed from image.go
Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>
2026-04-06 22:27:42 +05:30
Matthias Bertschy
7b5b9c4b6b Merge pull request #1955 from kubescape/dependabot/go_modules/github.com/go-git/go-git/v5-5.17.1
build(deps): Bump github.com/go-git/go-git/v5 from 5.16.5 to 5.17.1
2026-04-01 15:54:21 +02:00
Matthias Bertschy
a437e7ac4c Merge pull request #1956 from kubescape/dependabot/go_modules/github.com/cilium/cilium-1.17.14
build(deps): Bump github.com/cilium/cilium from 1.16.17 to 1.17.14
2026-04-01 15:53:47 +02:00
Matthias Bertschy
07873b32da Merge pull request #1957 from kubescape/dependabot/go_modules/github.com/cloudflare/circl-1.6.3
build(deps): Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
2026-04-01 15:53:32 +02:00
Matthias Bertschy
ee4bd16687 Merge pull request #1954 from kubescape/dependabot/go_modules/golang.org/x/image-0.38.0
build(deps): Bump golang.org/x/image from 0.25.0 to 0.38.0
2026-04-01 15:51:46 +02:00
dependabot[bot]
4de4a5e156 build(deps): Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3)

---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
  dependency-version: 1.6.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-04-01 15:27:31 +02:00
dependabot[bot]
1b32d97b54 build(deps): Bump github.com/cilium/cilium from 1.16.17 to 1.17.14
Bumps [github.com/cilium/cilium](https://github.com/cilium/cilium) from 1.16.17 to 1.17.14.
- [Release notes](https://github.com/cilium/cilium/releases)
- [Changelog](https://github.com/cilium/cilium/blob/1.17.14/CHANGELOG.md)
- [Commits](https://github.com/cilium/cilium/compare/1.16.17...1.17.14)

---
updated-dependencies:
- dependency-name: github.com/cilium/cilium
  dependency-version: 1.17.14
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-04-01 15:27:12 +02:00
dependabot[bot]
b8b36ecc3f build(deps): Bump github.com/go-git/go-git/v5 from 5.16.5 to 5.17.1
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.16.5 to 5.17.1.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.16.5...v5.17.1)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.17.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-04-01 15:26:49 +02:00
dependabot[bot]
119d23f82f build(deps): Bump golang.org/x/image from 0.25.0 to 0.38.0
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.25.0 to 0.38.0.
- [Commits](https://github.com/golang/image/compare/v0.25.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/image
  dependency-version: 0.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-04-01 15:26:24 +02:00
Matthias Bertschy
979b755739 Merge pull request #1952 from kubescape/dependabot/go_modules/google.golang.org/grpc-1.79.3
build(deps): Bump google.golang.org/grpc from 1.78.0 to 1.79.3
2026-03-29 21:48:25 +02:00
dependabot[bot]
62f42a361f build(deps): Bump google.golang.org/grpc from 1.78.0 to 1.79.3
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.78.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.78.0...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-03-29 21:22:42 +02:00
Matthias Bertschy
b79488dca6 Merge pull request #1949 from Mujib-Ahasan/grype-db-url
feat: new flag `--grype-db-url` added to overload the url in `kubescape scan` command
v4.0.3
2026-03-15 20:46:26 +01:00
Mujib Ahasan
ab97d676ae README.md updated
Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>
2026-03-15 23:50:58 +05:30
Mujib Ahasan
0372a4fca6 log added in scanImage(): value of scanInfo.ListingURL for reference
Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>
2026-03-10 23:14:33 +05:30
Mujib Ahasan
d7be453fea fix: missing host do not return nil error
Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>
2026-03-07 03:15:34 +05:30
Mujib Ahasan
eb8dac0b10 feat: new flag --grype-db-url added to overload the url in kubescape scan command
Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>
2026-03-07 02:58:03 +05:30
Matthias Bertschy
2edf348715 Merge pull request #1948 from kubescape/dependabot/go_modules/go.opentelemetry.io/otel/sdk-1.40.0
build(deps): Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0
2026-03-03 20:46:29 +00:00
dependabot[bot]
d989703fd9 build(deps): Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.39.0 to 1.40.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.39.0...v1.40.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.40.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-03-03 21:35:13 +01:00
Matthias Bertschy
5ffa06f571 Merge pull request #1945 from kubescape/dependabot/go_modules/github.com/go-git/go-git/v5-5.16.5
build(deps): Bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.5
2026-02-18 15:13:22 +01:00
dependabot[bot]
9aba8e4534 build(deps): Bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.5
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.16.2 to 5.16.5.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.16.2...v5.16.5)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.16.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v4.0.2
2026-02-18 14:50:46 +01:00
Matthias Bertschy
93ac65f309 Merge pull request #1944 from lpmi-13/pass-tag-for-runtime-version
Pass tag for the runtime version
2026-02-18 14:42:14 +01:00
Adam Leskis
bb2ef7dfda Pass tag for the runtime version
Signed-off-by: Adam Leskis <leskis@gmail.com>
2026-02-18 11:29:31 +00:00
Matthias Bertschy
b167435c4d Merge pull request #1941 from kubescape/semver
fix isRuleKubescapeVersionCompatible bug with version 4.0.0
v4.0.1
2026-02-12 15:14:45 +00:00
Matthias Bertschy
9b29321a53 Enhance version testing in smoke tests to extract and validate output version
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-12 14:56:31 +01:00
Matthias Bertschy
466a11fa1c fix isRuleKubescapeVersionCompatible bug with version 4.0.0
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-12 14:08:03 +01:00
Matthias Bertschy
cfe022ff1d Use TagName directly in .krew.yaml templates
v4.0.0
2026-02-04 18:16:34 +01:00
Matthias Bertschy
e0eeb691e6 Make version smoke test accept bytes and v-prefix
2026-02-04 17:44:39 +01:00
Matthias Bertschy
dc65bd4ccc force overridden ldflags in goreleaser
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-04 17:19:54 +01:00
Matthias Bertschy
02790da144 remove invalid build flag
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-04 11:42:11 +01:00
Matthias Bertschy
b97f50ffb5 fix version handling and injection
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-04 10:42:12 +01:00
Matthias Bertschy
0841d1d483 Merge pull request #1939 from kubescape/feat/performance-optimization-phases-1-3
feat: Optimize CPU and Memory Usage for Resource-Intensive Scans
2026-02-04 07:47:47 +00:00
Matthias Bertschy
fbef268f22 feat: optimize CPU and memory usage for resource-intensive scans
Implement Phases 1-3 of the performance optimization plan to address
issue #1793 - reduce CPU and memory consumption for system-constrained
environments.

Phase 1 - OPA Module Caching:
- Add compiledModules cache to OPAProcessor with thread-safe access
- Cache compiled OPA rules to eliminate redundant compilation
- Reuse compiled modules with double-checked locking pattern
- Expected CPU savings: 30-40%

Phase 2 - Map Pre-sizing:
- Add estimateClusterSize() to calculate resource count
- Pre-size AllResources, ResourcesResult, and related maps
- Reduce memory reallocations and GC pressure
- Expected memory savings: 10-20%

Phase 3 - Set-based Deduplication:
- Add thread-safe StringSet utility in core/pkg/utils
- Replace O(n) slices.Contains() with O(1) map operations
- Use StringSet for image scanning and related resources deduplication
- 100% test coverage for new utility
- Expected CPU savings: 5-10% for large clusters

Full optimization plan documented in optimization-plan.md

Related: #1793
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-04 08:07:54 +01:00
Matthias Bertschy
427dccadd3 Merge pull request #1934 from kubescape/krew
Add krew plugin manifest
2026-02-03 17:12:33 +00:00
Matthias Bertschy
01bb19bf6e Add krew plugin manifest
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-03 17:58:30 +01:00
Matthias Bertschy
c0d4bb45eb Merge pull request #1937 from kubescape/dependabot/go_modules/github.com/theupdateframework/go-tuf/v2-2.4.1
build(deps): Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1
2026-02-03 14:50:06 +00:00
Matthias Bertschy
222c1ec866 Merge pull request #1931 from Mujib-Ahasan/readmd-update
Fix broken README table of contents anchor links
2026-02-03 14:44:36 +00:00
dependabot[bot]
dc49218c7c build(deps): Bump github.com/theupdateframework/go-tuf/v2
Bumps [github.com/theupdateframework/go-tuf/v2](https://github.com/theupdateframework/go-tuf) from 2.3.1 to 2.4.1.
- [Release notes](https://github.com/theupdateframework/go-tuf/releases)
- [Commits](https://github.com/theupdateframework/go-tuf/compare/v2.3.1...v2.4.1)

---
updated-dependencies:
- dependency-name: github.com/theupdateframework/go-tuf/v2
  dependency-version: 2.4.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
2026-02-03 13:12:03 +01:00
Matthias Bertschy
3b4585a827 Merge pull request #1932 from kubescape/scan-images
add verbose option to scan-images
2026-02-02 19:30:00 +00:00